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From: Allen David J NRO USA GOV 

Sent: Friday, June 8, 2018 11:13 AM 

To: (b)(3) 
Subject: FW: Datawalk and Enveil --- UNCLASSIFIEDAFO4e—— 

Attachments: DataWalk Data Sheet[1].pdf; enveil-federal-datasheet Update.pdf 








Classification: UNCLASSIFIED*+(Fete 











FYI.....n0 action. Dave. 


From: Barber Randy C NRO USA GOV 
Sent: Friday, June 08, 2018 9:29 AM 














Allen David J NRO USA GOV; (b)(3) 




















Subject: FW: Datawalk and Enveil --- UNCLASSIFIEDAFE8e— 


Classification: UNCLASSIFIEDA-ouc— 

















. Mary Corrado (former NRO D/ROM a.k.a. BPO) sent me the attached info sheets from a couple of (b)(3) 
vendors for which she serves as a consultant. She thought these capabilities might be of value to the NRO. Please 

take a look, If you are interested, please work thru Ken Whitson/MID. He can get your POC in touch with Mary 

and the vendors... Randy 





Enveil provides the first certified solution for performing searches from classified/trusted dorr 
against sources on untrusted or lower classification domains. Enveil's ZeroReveal™ solutions ¢ 


selectors stay encrypted and nothing is ever revealed during the entire processing lifecycle. 
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QO) DataWalk 


Make Better, Faster Decisions 
Using All Your Data 


a OODIOVCO Clic 


























The Problem 

Large organizations in law 
enforcement, intelligence, insurance, 
and other sectors often face 
challenges analyzing large volumes of 
data across multiple silos with various 
data structures and security 
permissions. Accessing, normalizing, 
combining, and analyzing this data 
can be highly problematic, impacting 
he organization's ability to full their 
mission. 


n addition, these organizations are 
often challenged to produce better, 





aster results, but may be limited by 
financial constraints and/or availability 
of experienced analytics experts. 


The Solution 

DataWalk is a commercial grade Big 
Data software platform for connecting 
numerous large cata sets, both 
external and internal, into a single 
epository for fast visual analysis. 


nteractive analyses are performed 
instantly, without IT assistance, and 
without requiring SQL expertise. 
Unlike traditional data analysis 
systems that are heavily services- 
based, DataWailk typically delivers 
first results with Enterprise-level data 





in just a few days. 
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Encode Knowledge 

With DataWalk Instant Analyses, you 
can save workflows and easily 
generate risk scores. This enables 
your organization to encode 
knowledge - including complex 
analyses generated by your best 
experts - and with the click of a 
button re-run or edit the same 
analyses, without having to reinvest 
the time or remember ail the steps. 


With this capability, even non- 
technical users can take advantage of 
the powerful capabilities of DataWalk 
~ and leverage the knowledge of 
domain experts and your best 
analysts - simply by pushing a button 
to instantly execute what may be a 
very complex analysis. 


Analyses include custom filtering of 
data sets and connections, identitying 
connected entities across many 
sources, and exposing networks of 
hidden linkages. 


identify Data Of Interest With Just 
a Few Clicks 

DataWalk reduces billions of records 

to the specific data of interest in just a 
few Clicks, via the Universe Viewer 

(UV) graphical interface. 


a 
= 
= 
= 
a. 


fata Walk 
Sharding 


Figure 1: DataWalk System Diagram 


The UV enables you to visualize and 
instantly filter data and connections 
across all data sets, to visually 
understand other behavioral trends. 
There's no need to know SQL or any 
programming language. 


Fast Multi-Dimensional 
Scoring 

Scores are quickly generated or 
modified, across any number of 
sophisticated analyses, and you can 
score any object (e.g., people, 
properties, activities, locations, etc.) 





You can quickly generate risk-scores 
to expose potential fraudsters (or 
insider threats) based on thelr related 
transactions, risk profiles of their 
connections, patterns of use of 
identification numbers (or devices), 
and many other factors. You can 
instantly do any analysis across any or 
all of your data, without creating a 
new data mart or a new analytical 
environment. 














asily, Securely Collaborate 
DataWalk is a shared multi-user 





system buill to facilitate collaboration 
across colleagues and agencies. 
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Browser (no client software} 


Hi Higiy Sceied Storage 





















































Designed with a highly granular permissions 
scheme, DataWalk ensures users only see 
data and related analyses for which they are 
authorized. 


Manage Your Work In The 
investigation Workspace 

The Investigation Workspace makes it 
easy to create and manage investigation 
activities in DataWalk. Create a folder for a 
new investigation; attach analyses, link 
charts, notes, and any related documents; 
save them all in a folder; and select 





colleagues with whom you'd like to 
privately share the folder. 


Powerful Analytic Tools 

DataWalk is a suite of fully integrated 
analytic capabilities designed to deliver 
better results and deeper insights across 
all of your data. 


One of the unique DataWalk tools is the 
Universe Viewer, which offers you a visual 
representation to easily and interactively 
structure both basic and complex queries. 


In addition, DataWalk includes: 


® Histograms 

@ Link charts 

e Maps 

* Timelines 

e Pivot tables 

® Interactive charts 
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Easily Harmonize And Search 


Across Many Data Sources 
DataWalk integrates multiple sources 
into a universal model to deliver a big- 
picture view on ail activities and 
connections to support tactical and 
strategic analyses. DataWalk is 
architected specifically for 
environments with many sources and 
large volumes of data, even if the data 
is structured or described in different 
ways. DataWalk identifies and stores 
connections between your data sets 
to deliver fast interactive analysis, 
even for billlons of records. 


Great For All Analysts... 
Powerful DataWalk capabilities such 


as instant Analyses, search, link 
charts, and the Investigation 
Workspace can all typically be used 
by non-technical analysts after only a 
couple hours of online training. 


...Including Your Power Users 
Power users can take full acvantage 
of DataWalk’s advanced capabilities 
for powerful visual querying, creating 
advanced connections, and saving 
complex analyses for use by others. 
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Viewer Provides A Highly Visual Analytics Environment 


Mix And Match Data From 
Internal Silos, External Sources, 


And Your Desktop 


Data frorn internal database “silos”, 
external databases or XML. feeds are 
easily combined, 


You can also import and integrate your 
own Microsoft Excel spreadsheets into 
this environment, and analyze the data In 
a private “sandbox”. This is particularly 
valuable when linking case-specific data 
to other existing data sources. Sharing 
the results with approved users is a 
simple click-of-the-mouse, 


A Practical Software Solution 
DataWalk is a scale-out Commercial Off- 
The-Shelf (COTS) software platform 
running on commodity servers, ensuring 
affordable economics relative to other 
scalable Enterprise class systems. 


DataWalk software can be deployed 
either on-premise or in the cloud, and is 
operated via a simple web browser. 
There are no client-side installs or risk of 
data loss while deploying to large 
numbers of remote users. 


No Forward-Deployed Engineers 
And Minimal IT Investment 

With DataWalk there is no need for long- 
term professional consulting services, 
which again helps to provide a dramatic 
cost advantage relative to alternative 
systems. 


Once deployed, DataWalk typically 
requires minimal IT support. Users 
can instantly access ail data they are 
authorized to see. Unlike alternative 
systems, administrative power-users 
can modify the analytic data structure 
on their own using simple, graphical 
interfaces, without requiring 





professional services. 


First Results In Hours Or Days 
Unlike alternative approaches that may 
take months or years before tangible 
results are generated, with DataWalk you 
can see results in days, anc sometimes 
within hours, for complex, multi-source, 
multi-user Enterprise environments. In 
addition, you don’t need to be a 
technical expert to configure DataWalk — 
i's all point-and-click menus. 








eH NI 


Single, Fully integrated 
Out-Of-The-Box Software 
Platform 

DataWalk is a fully integrated COTS 
software platform, so there is no need to 
cobble together multiple product 
components or separate modules to 
have a complete system. DataWalk 
comes complete with all specified 
analytics and the necessary infrastructure 
software for data storage. 


Easily Access Data And Analyses 
DataWalk is an open system with defined 
APIs that make it easy for you to access 
data and analyses from other systems. 
For example, the popular statistical 
analysis program R can pull data and 
analyses from DataWalk, perform various 
statistical analyses, and then insert the 
results back into DataWalk. 


Intuitive Visualizations And 
Graphical Displays 

DataWalk is a visual analytics platform 
and does not require you to have 
expertise in SQL or any programming or 
scripting language. Even complex 
queries are created via an intuitive, 
interactive, and visual interface, 
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LINKS NODE 


TRADITIONAL SOLUTIONS WITH DATAWALK 


Implementation many months, years weeks 


Changing logical data model 1-2 weeks minutes - hours 


Adding new data source lweek-1 month 1-2 days, even hours 


Creating new alert rule few days minutes - hours 


New complex analysis with new source hours, days minutes - hours 


Complex queries, computation time many hours 60x faster 


Programming required? Yes - many hours 


Yes - many hours 


language required? 


Table 1: Customer Case - Sarnple Results 


Link Charts Made Easy 
Link charts provide a powerful tool for 


analysts to identify hidden relationships. 
DataWalk link charts include various 
Social Network Analysis facilities, and 
also enabie you to easily undo/redo any 
steps taken in your link analysis. 


Our Experts Help You Succeed 
Our goal is to help make your team 
successful. Our dedicated engineers 
bring a wealth of technical depth and 
industry knowledge to each 
deployment. This maximizes your results 
solving the many challenges associated 
with complex investigations and deep 
data exploration. 


Agile System Easily Adaptable 
To Your Needs 

Many traditional systems are notoriously 
inflexible, requiring months of 





professional services to do things like 
add a new data source, or change the 
data structure of the analytic 
environment. 


DataWalk is different. Adding and 


integrating a new source can often be 





done in minutes or hours, and the data 
structure can be modified either by your 
experts, or DataWaik, with a few clicks. 


Get Results, Even With Dirty Data 
Traditional tools don't operate well on dirty, 
inconsistent, or incornplete data and often 
require long, expensive data cleanup 
projects. 


With DataWalk you can quickly profile your 
data, extract unique records from 
duplicates, and do on-the-fly 
transformations, all without requiring any 
action from data owners or IT. Note that 
your data won't be affected by any 
transformations, and you will be able to 
easily track objects back to the source 
systems after these transformations. 








Unique DataWalk Technology 
DataWalk is powered by a powertul set of 
proprietary, patented and patent-pending 
technologies. 
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Instead of complex JOINs, DataWalk 
uses links to connect and analyze 
data, maintaining linear performance 
as computational complexity 
increases. Links (data relationships) 
are generated only once and 
complex queries/analyses are 
divided into smaller, linear operations 
which increases the computational 
efficiency of advanced analytical 
queries. 


To explore distant data with many 
degrees of separation, data 
denormalization is not required. This 
enables analysis of large 
environments — with many billions of 
records — to be done on commodity 
hardware without enormous 
amounts of expensive in-memory 
computational power. 
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Key Specifications 





System . Shared multi-user system 
| Architecture i ° Scalable, shared, singie-instance data repository 
i * Two layers: UI and Computation Engine 








Universe Viewer . Provides a simple, unified, visual environment for importing, connecting 
| and Histograms | and analyzing data across many large data sets 
H : Administrative users can easily modify the structure of the analytic 
environment with just a few clicks. 
: Users can instantly drop a Microsoft Excel file into the Universe Viewer 
and connect to other data sets, providing a private sandbox. 
. Each user can instantly generate histograms of any desired data sets. 
. Histograms can be used to profile and/or filter data. 
7 Dynamic Breadcrumbs enable easy visualization, modification, and re- 
use of analyses. 
° Users can do ad-hoc querying and data discovery via traversing their 
data. 
. Non-technical users can easily execute complex queries via a visual 
interface by filtering and connecting various data sets and the paths 
between them. | 
. Connections between data sets can be based on any combination of 














numeric comparisons, fuzzy/direct matching of text, time, date, 
geographical distance or related similarity. 
. Data sets can be connected both with and without a common key. 
Push-Button : instant Analyses enable you to encode organizational knowledge by 
Analytics easily generating and re-using searches and analysis paths on the 
Universe Viewer. 
Link Analysis . Enables network analysis, geo-spatial, and temporal analysis (timelines) 
. Multiple layouts, including structural, radial, and hierarchical 
7 Social network analysis including betweenness, closeness, page rank, 
shortest path, and Eigenvector 
. Undo/redo analysis steps on link charts as needed 
. Easily visualize flows of any objects (e.g., money, material, etc.) 
Maps . Link charts and flows can be presented on maps 
. Maps can be integrated with GoogleStreetView 
*  Geolocation translation is available via LocationiQ or an offline service 
: DataWalk supports: 
i ¥  OpenStreetMap Server (such that no request is sent off premise 
| ¥ MapQuest 
¥  GoogleMaps 
Other * Object search facility 
Visualization + Drill-down charts 
and Analysis + Pivot tables - Universal OLAP 
_ Capabilities + Text mining 
i + Multi-dimensional scoring 
. Ability to create custom calculated columns on tabular data 





. Basic statistics on tabular data (min, max, sum, avg) 
. Customizable dossiers show all desired data about an object, ona 
single screen. 


| Investigation i . Easily create Investigation Folders for all DataWalk analyses and link 
| Workspace charts associated with an investigation 
+ Add ad-hoc notes 
: Attach any other files to an Investigation Foider 
7 Specify colleagues with whom a Folder is to be privately shared 














Scalability . Easily link dozens/nundreds of data sources. 
: + interactive analysis of many millions/billons of records 
: Scale-out architecture: scale system capacity by adding commodity 








servers 
Data Sources « Any relational Database 
/ i * Microsoft Excel files 

: CSV files 

. XML files 


. Hadoop HDFS 
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Traditional intelligence collection methods involving searches of external datasets, 










including social media datasets, publicly available / open source cata sources, 


and low side government curated data repositories, are very revealing. This 





exposure not only includes attribution of the search (who is performing it), 


but also the content of the search (what you are searching for). This DATA IN TRANSIT DATA AT REST 





search content may include sensitive indicators and/or classified 
selectors that would be extremely damaging to national security 


if exposed, 


Currently, there are two main options to avoid this exposure: DATAIN USE 


Searches with sensitive content are not performed in 





external datasets, limiting the intelligence value and 


Sensitive indicators / classified selectors musi go 


al SECURE a SECURE 





through the selector release process before being 





searches which is both me consuming 


and risk inciucing, 























Enveil completely changes the security paradigm by never decrypting 
anything, enabling trusted compute in untrusted Locations. 






































UNPRECEDENTED MISSION IMPACT — PUTTING ENVEIL TO USE FOR YOU 


Enveil fundamentally changes the paradigm of secure cata usage, reduces attack services, anc. can be used for multiple applications with 
the potential for high mission impact. 





| eee 

ote 

ea 
Trusted Compute in Secure Open Counterintelligence, Enable Secure Cross Domain and 
Untrusted Locations Source Intelligence Compliance, and Cloud Processing Interagency Data Usage 

Insider Threat 

Never reveal classified Leverage open source Securely perform Cl Confidently migrate Securely utilize datasets 
selectors or sensitive datasets to derive vetting, compliance your most sensitive in-crass domain and 
indicators when intelligence (OSINT) checks, or insider threat workloads and.data to interagency environments 
searching thitd-party or without ever revealing monitoring without the Cloud with Enveil's — with selectors ofa higher 
government held data interests oF intentions. revealing key indicators. Never Decrypt security classification, increasing 
Sources. posture. the datasel’s intelligence 


value: 
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CLASSIFIED/ TRUSTED UNCLASSIFIED/UNTRUSTED 











ZeroReveal™ Compute Fabri 

















Full Lifecycle Security at Scale — First and only 
scalable commercial solution to enable a 
ZeroReveal™ security posture, ensuring the content 
of the interaction, the results, and the data itself are 
always protected. 


Not Intrusive - The capability does not require any 
changes to a system architecture, data storage 
format or technology, or application code. 








ZeroReveal™ Search 


AT GLANCE CEROREVEALT PORINTELLIGENCE Trusted Compute in Untrusted Locations ~ Military- 


grade encrypted search extends the boundary of 


CLOSING THE LAST GAP IN DATA SECURITY | trusted compute into untrusted locations. 


Extracting value from data by performing actions such as search | Keep Your Keys - Keys never need to leave the 
and analytics requires decryption, creating critical points of | owner's custody even when processing data outside 
exposure. It’s far too easy to assume Current security practices your walls. 


already have this covered. They don't. Enveil's ZeroReveal™ Never Decrypt ~ Data remains encrypted during 


compute capabilities close this gap in data security by protecting | processing whether within the enterprise, in a third- 
data while it is being used. party data source, or in the public cloud. 


ENVEIL COMPLETELY CHANGES THE SECURITY PARADIGM. 


Founded by U.S. Intelligence Community alumni, Enveil provides the first and only scalable 


sea 


commercial solutions to enable full lifecycle security at scale — allowing organizations to achieve 
previously impossible levels of data security by ensuring that the content of the interaction. the 
results, and the data itself are always protected. Enveil's producis are proven in both government 





and commercial applications and the company is backed by investors and strategic partners 


J ae 


such as In-Q-Tel, Thomson Reuters, Bloomberg Beta, and USAA. 


Powered by homomorphic encryption, Enveil’s core technology was developed, deployed, and operationalized inside of the 
National Security Agency to extend the boundaries of trusted compute (typically high-side environments or secure enclaves) 
into untrusted spaces such as cloud environments, open source data repositories, and third-party data services. li has been 
implemented at scale in sensitive environments where analysts work under the assumption the system has been compromised. 
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Collaboration . Single data instance shared by all users of the system 
: . Document “stories” by capturing screen shots and associated 
comments. 


. Easily share views/analyses. 

: Export results to Microsoft Excel. 

. Share data and analyses with other tools via RESTful access, JDBC, 
and ODBC. 
































| Security : Highly granular (cell-level} rule-based permissions using predicates 
> Full audit trail 
Compliance . 28-CFR Part 23 Compliance, i.e., data in DataWalk can be deleted on 
: : any desired schedule 
Alerts . DataWalk can import alerts from an external alerting system, or alerts 
i can be generated via the DataWalk alerting facility. 
Reporting “ Automatic report generation 
/ : , Reports can be exported to PDF or Microsoft Excel | 
° Can be automatically distributed on a pre-set schedule 
Platform " DataWalk runs on commodity servers in a scale-out configuration 
: . Supported operating system platforms are RedHat7 and CentOS? 
Supported ‘ DataWalk is browser-based and there are no client-side software 
Browsers installs required 
. Chrome C38+ (highly recommended; enables highest DataWalk 
performance) 
. Firefox 33+ and higher 
: Microsoft 1E11 
: Other browsers supported as required 
Deployment . Software-only solution runs on commodity hardware 
. One-click deployment of base DataWalk software 
. Can be deployed on-premise, or in cloud 
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